CVE-2021-24975

CVE-2021-24975: NextScripts: Social Networks Auto-Poster < 4.3.24 - Unauthenticated Stored XSS

Vendor Unknown
Product NextScripts: Social Networks Auto-Poster
Weakness CWE-79 · XSS
Published February 1, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and escape logged requests before outputting them in the related admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting issue

Key dates

02Disclosure timeline

February 1, 2022 CVE published
August 3, 2024 Record updated